I've build a react app using create-react-app. But then I came to know that my react app is open for clickjacking attack as I didn't set any X-Frame options in my app. Now how can I set X-Frame options in my react app which is created my create-react-app and I have no express js backend.
Asked
Active
Viewed 4,471 times
3
Vasu Ch
- 185
- 2
- 12
1 Answers
-1
https://nextjs.org/docs/api-reference/next.config.js/headers
You could try this...I hope it works
async headers() {
return [
{
// source: "/login",
headers: [
{
key: "X-Content-Options",
value: "Deny",
},
{
key: "Content-Security-Policy",
value: "frame-ancestors 'none'",
},
],
},
];
},
Sebas Valencia
- 1
- 1